Download only the certificate chain in Base 64 encoded format. The chain will be in PKCS format and will have the server certificate and the root CA. We will need to extract each certificate from the chain in order to upload them to Amigopod.

Open the certificate in the native Windows certificate manager. Expand the folders to view the contents of the certificate chain. There should be at least two certificates. One is the certificate and the other is the Root CA.

Export the server certificate using the certificate export Wizard.In the Wizard, select Base-64 encoded X.509 (.CER) as the export format.Browse for a folder destination and give the certificate a file name. The extension should be .cer.

Repeat the steps with the Root CA certificate.

We need a single file to upload as a SSL certificate. So right click on the Server cert and open it in a editor utility like notepad++ and concatenate the contents in the below order.

Will doing this allow me to authenticate users via their personal certificate that was issued by the same issuing CA for CPPM? In other words I want to authenticate users with a certificate instead of MSCHAPV2. This certificate is already installed on all machines in our domain and each user has a personal certificate as well. This certificate is issued by our CA (active directory PKI). I want to know if it is possible to have CPPM authenticate against this same certificate and if the process described above is the correct one. "Certificate signed by a signing authority like AD."